Software Supply Chain Security Platform


The use of third-party software is now a reality. In fact, at least 90% of corporations use third-party software, and 95% of the proprietary or custom software applications they create contain third-party components. To overcome this blind spot in assessing third-party software inventory and risk, CodeSentry allows security professionals to measure and manage the risk associated with open source vulnerabilities in third-party software quickly and easily.


Software Supply Chain Security 

CodeSentry is derived from GrammaTech’s ground-breaking binary code analysis research. This technology achieves deep, scalable analysis without the need for source code and is suitable for enterprise-wide adoption. Binary analysis is both efficient and less error-prone than conventional SCA tools, and CodeSentry’s high precision and recall result in fewer missed vulnerabilities and fewer false positives. The key advantage of CodeSentry is the ability to interrogate, at the binary level, both open source software and the third-party software that is now so commonly used.



Product Tiering Options

CodeSentry is available in three options that meet common use cases, making it easier to expand capabilities as requirements dictate. The three tiering options are:

CodeSentry SBOM Edition

SBOM Edition provides a detailed software component inventory.

CodeSentry Security Edition

Security Edition includes SBOM Edition and provides comprehensive information on known N-day vulnerabilities and associated security intelligence.

CodeSentry Advanced Security Edition

Advanced Security Edition includes Security Edition and provides additional insight into zero-day weaknesses.



Software Bill of Materials

CodeSentry creates a detailed software bill of materials (SBOM) and lists known vulnerabilities in the detected components, including any dependencies. CodeSentry continuously tracks these vulnerabilities throughout the software lifecycle. CodeSentry enables all your applications to be audit-ready without rework or guesswork. The SBOM can be embedded along with each application, making audit requests more reliable.


Vulnerability Report and Security Score

CodeSentry detects both N-Day and Zero-Day vulnerabilities in discovered open source components. By providing a high-level security score and detailed vulnerability reports, CodeSentry delivers visibility into hidden vulnerabilities and remediation information for third-party code and commercial-off-the-shelf software.

Deep Binary Analysis

CodeSentry’s binary detection capability is made possible with our deep scalable binary analysis. 

This approach yields high precision and recall, meaning fewer missed vulnerabilities and fewer false positives.

Software Re-Use Risk Management

CodeSentry allows security professionals to measure and manage the risk associated with third-party software quickly and easily. This is achieved with a powerful combination of deep binary analysis, a detailed software bill of materials (SBOM) and a comprehensive list of known vulnerabilities, tracked and managed throughout the software lifecycle.

What is CodeSentry Binary Software Composition Analysis?

CodeSentry uses multiple component matching algorithms that provide speed and accuracy of component detection across different Instruction Set Architectures (ISAs) and compilers. These algorithms compute and compare code signatures using properties ranging from lexical information such as the contents of strings, up to deep semantic abstractions of the high-level logic contained in functions.



Book an Evaluation

The best way to try an SCA solution is to run it on your own codebase and review the results it issues. Book an evaluation and learn how GrammaTech technology can rapidly improve your software development capability.